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(57) Abstract: The present invention relates to methods and 
apparatus for forwarding a print job over a communications 
network. In particular, the present invention enables a user to 
obtain print jobs at a location which may be unspecified, and 
which may be remote from the source (10) of the print job. 
A print driver is provided which is capable of forwarding one 
or more print jobs over a network. The print driver may be 
interfaced with any suitable print job source (10) (eg., a client 
device capable or generating a printable document, such as a 
computer) to obtain a print job. The print job is forwarded 
from the print driver, over the network, to a spooling server 
(50). A printer polling device (100), which may be used at 
a location remote from the client device (10), is capable of 
polling a sf>ooling server (50) via the network (110) to iden- 
tify whether any print jobs associated with the printer |X)lling 
device (100) are available for printing at a printer (120) cur- 
rently associated with the printer polling device. The spool- 
ing server (50) need not initiate contact with the printer ( 120) 
through a firewall, since it is polled by the printer polling de- 
vice. ITius, network security is maintained. 
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PRINT DRIVER AP PARATUS AND METHODS FOR FORWARDTNO A PRTNT 

JOP oym A NETWORK 

PACKOROUND OF THE INYENTJON 

The present invention relates to methods and apparatus for forwarding a print job 
5 over a communications network. In particular, the present invention enables a iiser to 
obtain print jobs at a location which may be unspecified, and which may be remote from 
the soiirce of the print job. A print driver is provided which is capable of forwarding one 
or more print jobs over a network. The print driver may be interfaced with any suitable 
print job source (e.g., a client device capable of generating a printable docimient, such 

10 as a computer) to obtain a print job. The print job is forwarded from the print driver, 

over the network, to a spooling server. A printer polling device, which may be used at a 
location remote from the cKent device, is capable of polling a spooling server via the 
network to identify whether any print jobs associated with the printer polling device are 
available for printing at one or more printers associated with the printer polUng device. 

15 As computer networks become more complex, the rate at which network 

configurations change continues to increase. Also, the increasingly frantic pace of the 
typical bxisiness traveler who juggles documents on multiple computers and is required 
to configure a traveUng laptop computer to integrate into various changing networks 
makes it increasingly difficult to reUably and efficiently print even a simple document. 

20 For example, a business traveler in a hotel may wish to print to a printer that the 

hotel provides for such purposes. Under the current state of the art, the user must first 
obtain the network ID of the printer along with some information about the type of printer. 
Then, a print driver for that specific painter must be installed on the user^s computer, and 
the computer must be configured to connect to the printer. This may additionally involve 

25 configuring the computer to coimect to the host network. 

Fiuther, in many cases, it is desirable to be able to prepare a docimient for 
printing prior to having the information concerning the destination printer. For example, 
it may be desirable to print a document from a mobile laptop connected via a wireless 
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data connection while in transit to a meeting at a site the xiser has never visited before. 
Obtaining the information and configuring the laptop to be able to print to the printer 
becomes logistically infeasible. 

These problems have typically been solved in the past by one of the following 
5 methods: 

1. The docimient is e-mailed or otherwise transferred over a network to a 
computer already configured to print to the desired printer; 

2. A portable computer is connected directly to the printer via a cable or infi-a- 
red, bypassing many of the difiQculties of configuring the computer to print to a network 

10 computer; 

3. A portable printer is transported to the desired location; or 

4. The document is &xed to a fax machine. 



Printing methods relating to network and distributed printing are known in the 
prior art. Such systems require either a private network or foreknowledge of the 

1 5 destination of a print job. These prior art methods comprise what is typically referred to as 
"push" technology (i.e. technology in which a print job is directed to a specific known 
destination or printer). 

In addition to the need for efBciency and ease of use is the need for security 
when sending, storing, or printing print jobs. Early in the life of the Intemet, the need 

20 for securing an organization's local network firom tampering, stealing, or vandalism by 
outsiders became very obvious. A type of gateway called a firewall was developed to 
meet this need. The firewall is designed to be a single, well-controlled access point 
between the outside, global, or wide-area network and the inside, local-area network. By 
carefiiUy restricting the types of network traflBc and the destinations where that trafSc 

25 can flow, the firewall can provide effective protection. 

Specific "holes" in the firewall are created for each type of traflBc that is allowed 
through the gateway in each direction. Most organizations, for example, allow e-mail 
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traffic in and out fiom their e-mail server, as well as web page client access fix)m inside 
the firewall to servers located outside of it 

Many types of access between machines commonly used on a local network are 
normally prevented firom going through the firewall. Specifically, file sharing, remote 
5 log-in, printing, and various other network-administration types of protocols are 
typically not allowed to be transported outside the firewall. 

Another aspect of the firewall is that it is almost always administratively 
controlled by a centralized authority for the organization that owns the local area 
network - commonly the management information services (NHS) department of a 
10 company. Normal users geaerally have to make special requests that are approved at the 
upper levels of management to get configuration changes in the firewall. In the interest 
of maintaining security, these changes are often limited to specific point-to-point 
exceptions or "holes" in the firewall. 

It is desirable by many users to be able to print fi'om a machine on one local area 
1 5 network to a printer located on a different local area network with the data being 

transferred over a global network (e.g., the Internet) outside of the firewall of both local 
networks. 

The current state of the art does have solutions for this problem. However, 
almost all of these solutions require the intervention of the firewall administrator. 

20 One example of a solution is the IPP - Intemet Printing Protocol standard being 

promulgated by various vendors. This standard allows IPP-equipped printers to receive 
print jobs fiTom remote clients over the Intemet. However, the installation and use of IPP 
requires that a specific IPP hole be opened in the firewall by the network administrator. 
It would be advantageous to be able to provide methods and apparatus that allow 

25 a user to print to a perhaps yet unknown destination printer or printer pool in a reUable, 
efBcient and secure manner without the disadA^tages of the above-mentioned 
techniques. 

It would be further advantageous to provide a printing system based on *'puir* 
technology (i.e. technology which enables a print job to be printed upon request, where 
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the print file is only delivered in response to said request). Such technology would enable 
a system that allows a user to print to a destination printer or printer pool that may be 
located anywhere, in a reliable, efiScient, and secure manner without the disadvantages 
of the above-mentioned techniques. 
5 It would be further advantageous to have a solution that allows secure, efBcient 

and easy-to-configure inter-network printing through a gateway firewall without the 
intervention of the network administrator. 

The methods and apparatus of the present invention provide the foregoing and 
other advantages. 
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SUMMARY OF THE INYBNUON 

The present invention relates to methods and apparatus for forwarding a print job 
over a communications network. In particular, the present invention enables a user to 
obtain print jobs at a location which may be unspecified, and which may be remote fix)m 
5 the source of the print job. 

In an illustrative embodiment, a print driver is provided which is capable of 
forwarding one or more print jobs over a network. The print driver may be interfeced 
with any suitable print job source (e.g., a client device capable of generating a printable 
docimient, such as a computer) to obtain a print job. The print job is forwarded from the 
10 print driver, over the network, to a spooling server (e.g., via a transmitter). The spooling 
server receives the print job and stores the print job in memory. The spooling server 
receives a polling request over the network for a print job from a printer polling device. 
The spooling server forwards the requested print job to the printer polling device for 
printing at one or more associated printers. 
1 5 The print driver may be integrated into the print job source or may comprise a 

stand-alone device associated with a print job source. 

The print job can originate from any smtable print job source, such as a client 
device with an associated print driver, a web browser, a facsimile machine, a scaimer, a 
telephone, an Intemet appliance, a personal digital assistant, or the like. A print job can 
20 also originate on the spooling server itself or be obtained from another server. The client 
device may be a computer, a telephone, a personal digital assistant, an Intemet 
appliance, or the like. 

The identified print job can be transmitted from the spooling server to the printer 
polling device and printed at one or more printers coupled to the printer polling device. 
25 The printer may be located at a location remote from said spooling server. 

The printer polling device may periodically poll the spooUng server to identify a 
print job associated with the printer polling device. 
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The network may comprise at least one of a local area network, a wide area 
network, a global network, the Internet, and any other type of network. The network 
may consist of multiple interconnected networks having multiple gateways and other 
features as is well known in the art 
5 In an alternate embodiment, the print driver may be located within a gateway 

firewall and the spooling server may be located outside the gateway firewall. The print job 
may be forwarded to the spooling server such that reconfiguration of the gateway firewall 
is not required. For example, the print job may be forwarded to the spooling server as 
web-style traffic and received at the spooling server as web-style trafiBc. 
10 The print driver may be located at and in conmiimication with a first local area 

network for forwarding the print job to the spooling server. The printer polling device 
may be located at and in communication with a second local area network. The spooling 
server may be located outside of the first and second local area networks. The print 
driver may commimicate with the spooling server via a first gateway firewall which 
1 5 controls access to the first local area network and the printer polling device may 

communicate with the spooling server via a second gateway firewall which controls 
access to the second local area network. 

The spooling server may store multiple print jobs in at least one spooling queue. 

The print job may be encrypted at the print driver or the print job source and 
20 decrypted at the printer polling device. 

The print job may comprise a dociunent provided by a content provider. The 
content provider may be one of a newspaper, a magazine, a periodical, a document 
provider, a graphic arts provider, a notification service, an Internet content provider, a 
merchant, a financial institution, a government agency, a shipping company, or the like. 

25 

In a further embodiment, each print job may be stored on the spooling server 
according to a personal identification number (PIN) provided with each print job. The 
spooling server may communicate to the printer polling device a list of print jobs 
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associated with the PIN which are stored at the spooling server. The selection of a print 
job from the list may be provided for (e.g., via a user interface). 

A plurality of print jobs may be stored on the spooling server according to the 
PIN. The PIN may be provided to the spooling server via one of a the print driver, user 
5 intoiace associated with the printer polling device, a telephone, a computer, an Internet 
appUance, a fiicsimile machine, a scanner, a personal digital assistant device, a dedicated 
tmninal, or the like. 

In a further embodiment, the print job may be provided to the spooling server by 
the print driver without a pre-determined print destination. Alternatively, a desired print 
10 location for the print job may be designated at the print driver. The designated print 
location may be communicated to the spooling server with the print job. The print job 
may be printed at the desired print location when the printer polling device at the desired 
print location polls the spooling server and identifies the print job. 

Further, a substantially specific time for printing a print job may be designated 
1 5 such that the print job is only available for printing from the spooling server at the 
designated substantially specific time. 

In addition, a lifetime of the print job may be designated, wherein said print job 
will be stored on the spooling server only for the designated lifetime. 

A number of printings of the print job may be designated, wherein the print job 
20 can only be printed the designated number of times. 

A list of recipients authorized to retrieve a print job may be designated, wherein 
the print job may only be printed by the designated recipients. 

The print job may be one of a negotiable instrument, a stamp, a coupon, a 
certificate, a check, a unit of currency, a token, a receipt, or the like. 
25 The print job may include at least one of a document, a poster, an image, a 

coupon, a ticket, a certificate, a check, a list, a schedule, a periodical, a unit of currency, 
a negotiable instrument, postage, a bill of lading, a lottery or gaming ticket, a token, 
food stamps, a license, a permit, a pass, a passport, a ballot, a citation, identification, a 
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copy-protection key, a proof-of-piirchase, a warranty, a receipt, a transcript, a library 
card, or any other printable subject matter. 

In an alternate embodiment, an agent program provides a directory of documents 
to the spooling server. The agent program enables a client device associated with the print 
5 driver to poll tiie spooling server to determine whether the spooling server requires a 
document identified in the directory to complete a print job. If so, the document can be 
uploaded fiom the client device to the spooling server. 

The directory can be communicated to the printer polling device and presented at 
the printer polling device. Selection of a print job from the directory can be made (e.g., via 
10 a user inter&ce). 

The directory may be presented via a visual presentation or an audio presentation. 
The client device may periodically poll the spooling server to determine whether the 
spooling server requires a document identified in the directory to complete a print job. 
Communications with the spooling server may be enabled via at least one of a 
1 5 telephone, a personal digital assistant device, a computer, an Internet appliance, a web 
browser, a dedicated terminal, or the like. The communications with the spooling server 
may be via an audio interface or a visual interface. 

A communication device for providing status of the print job stored on the 
spooling server may be provided. The status of the print job may comprise at least one of 
20 filename, file size, author, creation date, print job lifetime, image, title, contents, personal 
identification number, recipient, job number, or reference number. The communication 
device may be a telephone, a computer, an Internet appliance, a personal digital assistant 
device, a dedicated terminal, or any other suitable wireless or wired communication 
device. 
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mm PEscRiynoN qf im pra wings 

Figure 1 is a block diagram of an implementation of the present invention; 
Figure 2 is a flow diagram showing an example of an encryption process which 
can be implemented in accordance with the invention; 
5 Figure 3 shows a representation of a printer polling device; 

Figure 4 is a block diagram of an altemate embodiment of the invention; 
Figure 5 is a flow diagram of an authentication procedure which can be 
implemented in accordance with the invention; 

Figure 6 shows an example of communications which take place between various 
10 components of the invention; 

Figure 7 is a flow chart illustrating an example print job reformatting routine; 
Figure 8 is a block diagram of an embodiment of a printer polling device; 
Figure 9 is a block diagram of an embodiment of a spooling server; 
Figure 10 is a block diagram of an embodiment of a print driver; and 
1 5 Figure 11 is a block diagram of an embodiment of an agent program. 
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DETAILED DESCRIPTIO N OF THR TNVFNTTOM 

The present invention enables print jobs to be sent from a print driver to a 
spooling server for storage. The print jobs are subsequently delivered to one or more 
printers, on request, via a printer polling device. The printer polling device uses "pull" 
5 technology, which polls the spooling server so that the spooling server does not have to 
initiate a connection into a printer. In this manner print jobs can be securely printed 
anywhere, either automatically or at the request of a user who is authorized by the 
printer polling device and/or the spooling server. Since the spooling server need not 
initiate contact wifli any device, there is no potential breach of firewall security in a 

1 0 local network environment 

In one embodiment, a portable printer polling device is provided to enable 
retrieval and printing of documents from any location having Intemet access and a 
printer. The spooling server fiinctions as a repository that is accessible, e.g., via a global 
communication network such as the Internet, to authorized users at any time of day. 

15 Since the printer polling device polls the spooling server in order to obtain delivery of a 
print job, prior art push data flow techniques, which could compromise a local area 
network's security, are avoided. Moreover, compatibility with virtually all printers that 
may be connected to the network is provided, so that a document can be printed 
anywhere regardless of a specific printer's requirements. Many other advantages and 

20 features of the invention are set forth in the following description. 

A preferred embodiment of the invention is shown in Figure 1. Printing services 
are provided via a spooling server 50 which is capable of receiving and stormg one or 
more print jobs fix)m a print job source 10 via a network 1 10. A printer polling device 
100 is provided which is capable of polling the spooling server 50 via the network 1 10 
25 to identify a print job associated with the printer polling device 100. Configuration 

problems are eliminated as each print job source 10 only needs to be configured to know 
how to print to the spooling server 50. The spoolmg server 50 only needs to be 
configured to be able to print to the printer polling device 100. 
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The print job can originate from any suitable print job source 10. As shown in 
Figure 1, the print job source 10 may be a client device 12 associated with print driver 14. 
The print driver 14 may receive the print job from an originating application 1 5, which 
can be any program capable of producing a printable document. The print job source 10 
5 may also be a web browser, a &csimile machine, a scanner, a telephone, an Internet 
appliance, a personal digital assistant, or the like. A print job can also originate on the 
spooling server 50 itself or be obtained from another server. The client device 12 may be a 
computer, a telephone, a personal digital assistant, an Intemet appliance, a &csimile 
machine, a scanner, or tfie like. 
1 0 The identified print job can be transmitted from the spooling server SO to die 

printer polling device 100 and 

printed at a printer 120 coupled to the printer polling device 100. Printer 120 may be a 
single printer or a pool of one or more printers coupled via a print server. 

The printer poUing device 100 may periodically poll Ihe spooling server 50 to 
1 5 identify a print job associated with the printer polling device 1 00. Security is achieved 
by the fact that the printer 120 is not passively accepting any and all connections from 
the outside. The printer polling device 100 is initiating connections to a specific, trusted 
location^ the spooling server 50. 

The network 110 may comprise at least one of a local area network, a wide area 
20 network, a global network, the Intemet, and any other type of network. The network 110 
may consist of multiple interconnected networks having multiple gateways and other 
features as is well known in the art. 

In an alternate embodiment, the printer polling device 100 may be located within a 
gateway firewall 70 and the spooling server may be located outside the gateway firewall 
25 70, In addition, the print job source 10 may be located within a gateway firewall 30 and 
the spooling server may be located outside the gateway firewall 30. 

The print job may be forwarded to and from the spooling server 50 such that 
reconfiguration of gateway firewalls 30 and 70 is not required. For example, the print job 
may be forwarded to the spooling server 50 as web-style traffic and received at the printer 
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polling device 100 as web-style trafSc. For example, a print driver 14 may accept print 
requests from application IS like any other print driver, but instead of routing the print 
requests onto the network 110 using normal printer packets and well-known-ports, it 
routes the output of the print job to the spooling server SO located outside of the firewall 
S 30 using packets and ports that resemble web trafQc. 

Similarly, using web types of packets and ports, the printer polling device 100 is 
capable of polling the spooling server SO and retrieving any print jobs that have been 
stored for tiie printer 120. 

As shown in Figure 1, the print job source 10 may be located at and in 

1 0 communication with a first local area network 20 and the printer polling device 1 00 may 
be located at and in communication with a second local area netwoik 80. The spooling 
server 50 may be located outside of the first and second local area networks 20, 80. The 
print job source 10 may ccnnmunicate with the spooling server SO via a first gateway 
firewall 30 which controls access to the first local area network 20 and the printer polling 

1 S device 1 00 may communicate with the spooling server SO via a second gateway firewall 
70 which controls access to the second local area network 80. 

The printer polling device 100 may be: (i) a stand-alone device connected to the 
printer 120 via a standard printer port, (ii) integrated into the firmware of the printer 120, 
(iii) integrated into flie software of a network print server, or (iv) of any other suitable 

20 configuration. The printer polling function may also be integrated into the software on a 
stand-alone print server such as those manufactured by Electronics for Imaging, Inc. 
(Foster City, California) under the trademarks Fiery® and EDOX®. 

In a preferred embodiment, a fee may be charged to access the spooling server 
SO. The fee can be based on one of print job size in bj^es, print job size in number of 

2S pages, print job type, time for printing, time for storage, monthly fee, per use fee, 

lifetime membership, monthly membership, use of color, use of black and white, page 
size, location, convenience, number of images, print quality, image quality, or other 
suitable factors. The fee may be charged for providing a print job to the spooling server 
SO and/or retrieving a print job from the spooling server 50. The fee can be paid via a 
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client device 12 associated wilfa the print job source 10, the printer polling device 100, 
or any other suitable device capable of communicating with the spooling server, such as 
a smart card, a telephone, a personal digital assistant, or the like. 

The spooling server 50 may store the one or more print job(s) in at least one 
5 spooling queue 52. The spooling server 50 may be maintained by a trusted party on the 
outside of the firewalls 30, 70. Alternatively, the spooling server 50 may be owned and 
maintained by the organizations desiring to utilize inter-network printing. 

Since the communications amongst the print job source 10, the spooling server 
50, and the printer polling device 100 may travel across public networks, it is very 
10 desirable to protect any proprietary or confidential information that may be embodied in 
the print jobs. 

In a preferred embodiment, the print job may be encrypted at the print job source 
10 and decrypted at the printer polling device 100. For example, the print job can be 
encrypted on the client device 12 such that it can only be printed by a person with the 

15 correct decryption key. In addition, printing of the document can be delayed imtil the 
key is physically entered at the printer polling device 100 (e.g., the recipient is 
physically present at the printer 120). 

A flow diagram of an example of an encryption process used between the print job 
source 10, the spooling server 50 and the printer polling device 100 is shown in Figure 2. 

20 The print job 1 1 is protected by encrypting the print job (indicated at 501) at the print job 
source 10 (e.g., on the print driver 14 or an agent program on the originating client device 
12 of Figure 1) and decrypting it at the spooling server 50. The encryption algorithm may 
be the IDEA algorithm. Other suitable encryption algorithms which can be utiUzed are 
DBS (the Data Encryption Standard), or triple-DBS (DBS appUed to the data three times 

25 with three different keys). Other encryption algorithms suitable for commercial 

confidential information are numerous and well known in the art of data encryptioa 

The key 500 used for encryption 501 may be derived firom an accoimt number 
510, a user's secret PIN (personal identification number) 520, and/or optionally some 
additional encryption key digits 530 supplied by the user. Simply concatenating the bits 
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together from these sources provides a moderately secure key 500. Optionally, 
additional security may be achieved by using a more sophisticated hashing function. 

The key 500 would be known only to the user and to the secure, trusted, 
spooling web server 50. The encrypted print job is sent to the spooling sraver 50 where 
5 it is decrypted (601) to facilitate reformatting 602 for the destination printer once it is 
known. The reformatted print job data is re-encrypted 603 using the same or similar key 
500* derived in the same manner as key 500 at the print job source 10. The encrypted 
print job is then transmitted from the spooling server 50 to the printer polling device 
100. Once at the printer polling device 100, the print job is decrypted 701 using a key 
10 500' * derived from the PIN 520, account number 510, and/or optional encryption key 
extension digits 530, The decrypted print job can flien be forwarded to the printer 120 
for printing. 

Hie print job 1 1 may comprise a document provided by a content provider. The 
content provider may be one of a newspaper, a magazine, a periodical, a dociunent 
1 5 provider, a graphic arts provider, a notification service, an Internet content provider, a 
merchant, a financial institution, a govenmient agency, a shipping company, or the like. 
For example, instead of physically delivering the daily sports page, it is simply printed on 
a custom^s home prints:. 

The print job 1 1 may be provided by the content provider on a subscription 
20 basis. A single print job may be provided by the content provider for printing by 
multiple users. 

The printer polling device 1 00 may comprise a user interface, a connection to the 
network 110, and a coimection to the printer 120. Figure 3 shows an embodiment of a 
user interface 103 for the printer polling device 100 having a display 101 and a keypad 
25 102. The keypad 102 shown in Figure 3 may also comprise an alphanumeric keypad to 
allow for entry of both letters and numbers. The user interface may optionally include a 
speaker and a microphone for audio output and input, and may also include a card 
reader for reading a magnetic strip on a credit or debit card, automated teller machine 
(ATM) card, smartcard, prepaid print card, or the like. 
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In a further embodiment as shown in Figure 4, each print job may be stored on 
the spooling server 50 according to a personal identification number (PIN) 400. As an 
example. Figure 4 shows the PIN 400 entered at a client device 12. The PIN 400 is 
forwarded to the spooling server 50 by the print driver 14 along with the print job. The 
5 spooling server 50 may communicate to the printer polling device 1 00 a list of print jobs 
associated with the PIN 400 which are stored at the spooling server 50. The selection of 
a print job from the list may be provided for (e.g., via a user interface). For example, a 
small terminal may be provided at each printer polling device 100 to allow a user to 
interact with the spooling server 50 and request that the user's print jobs be sent to the 
10 printer 120 at the user's location. The user may identify himself or herself at the printer 
polling device 100 with their PIN 400, and the spooling server 50 can flien match that 
PIN 400 wifli print jobs previously submitted using that same PIN 400. 

A plurality of print jobs maybe stored on the spooling server 50 according to the 
PIN 400 (e.g., in spooling queue 52). For example, a directory may be created for each 
1 5 user, and thus each PIN, registered with the spooling server 50. Each print job may 

additionally be assigned a unique job number at tiie time it is first received at the spooling 
server 50. Thereafter, the job nimiber maybe used to access the data files associated with 
that job unambiguously. Once a print job has been selected to be printed to a destination 
printer 120, the job number for the print job may be entered into a queue associated with 
20 the destination printer 120. Data structures suitable for maintaining a queue are well 

known in the art. In the preferred embodiment, the queue 52 is maintained in a C++ class 
known as a CList provided by Microsoft in their C++ class library. 

When the printer polling device 100 polls the spooling server 50, the spooling 
server 50 checks to see if the queue for that printer 120 contains any print jobs. When 
25 the spooling server 50 finds a print job waiting to be printed, the data for that print job is 
retrieved from the file system, reformatted in a form suitable for the identified printer 
120, and transmitted to the printer polling device 100. 

The PIN 400 may be provided to the spooling server 50 via one of a user 
interface associated with the printer polling device 100, a telephone, a computer, an 
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Internet appliance, a facsimile machine, a seamier, a personal digital assistant device, a 
dedicated terminal, or the like. The list of available print jobs may be displayed on one of 
a user inter&ce associated with the printer polling device 100, a telephone, a computer, 
an Intemet q)pliance, a facsimile machine, a scanner, a personal digital assistant device, a 
S dedicated terminal, or the like. Selection of an available print job may be made via a user 
interface associated with the printer polling device 100, a telephone, a computer, an 
Intemet appliance, a facsimile machine, a scanner, a personal digital assistant device, a 
dedicated terminal, or the like. 

Figure 5 illustrates an exemplary process of authentication of a user using a PIN. 

10 When a user desires to access their account or documents over a non-secure channel, 
first, the spooling server 50 needs to verify that it is indeed talking to the actual user. 
The server generates a random string of bits 350. These bits are sent to the printer 
polling device 100 where authentication is to take place. The user's PIN 150 is used to 
generate an encryption key 152 for encrypting the bits (indicated at 155) and the result is 

1 5 returned to the spooling server 50. The spooling server 50 decrypts the string (indicated 
at 355) using an encryption key 362 generated from the PIN it knows (360) and 
compares it to the original random string (indicated at 365). If the decrypted string 358 
matches the original string 350, the spooling server 50 accepts the user as authenticated. 
An account number (361, 151) may optionally be used (either alone or in connection 

20 with the PIN) to generate the encryption keys 362, 1 52. Many other authentication 
protocols are well known in the art and may be substituted for the protocol described 
above in connection with Figure 5. 

The printer polling device 100 may be a portable device. The printer polling 
device 100 may be operably associated with a variety of printer types. 

25 In a further embodiment, the print job may be provided to the spooling server 50 

without a pre-determined print destination. A user is able to interact with the printer 
polling device 100 and commimicate the identification of the desired print destination 
for the user's print job to the spooling server 50. The user need not know anything more 
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about the printer 120 than its location (which the user needs anyway to be able to 
retrieve the physical output pages). 

Alternatively, a desired print location for the print job may be designated at the 
print job source 10. The designated print location may be communicated to the spooling 
5 server 50 with the print job. The print job may be printed at the desired print location 
when the printer polling device 100 at the desired print location polls the spooling server 
50 and identifies the print job. 

Further, a substantially specific time for printing a print job may be designated 
such that the print job is only available for printing firom the spooling server 50 at the 
10 designated substantially specific time. 

In addition, a lifetime of the print job may be designated, wherein said print job 
will be stored on the spooling server 50 only for the designated lifetime. 

A nimiber of printings of the print job may be designated, wherein the print job 
can only be printed from the spooling server 50 the designated number of times. 
15 A list of recipients authorized to retrieve a print job may be designated, wherein 

the print job may only be printed by the designated recipients. For example, a docimient 
or series of documents may be provided to the spooling server 50 which docimient or 
docimients can be received by a designated group of recipients, such as a company's 
sales force, newsgroup or other content subscribers, or other target audiences. 
20 The print job may be one of a negotiable instrument, a stamp, a coupon, a 

certificate, a check, a imit of currency, a token, a receipt, or the like. In such 
circumstances, it may be desirable that the designated number of printings is one. 

The print job source 10 may be connected to the network 110 using Dynamic 
Host Configuration Protocol (DHCP protocol), or any other suitable network 
25 configuration protocol. Similariy, the printer polling device 100 may be connected to the 
network 1 10 using DHCP protocol, or any other suitable network configuration 
protocol. 

DHCP is a protocol which allows nodes to be added to a TCP/IP network 
dynamically without specific prior configuration of that node in the domain controller's 
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hosts database. Each node desiring to connect announces itself to the DHCP server. The 
name of the node is sent to the DHCP server. The DHCP server then assigns the node a 
dynaniic IP address as well as conmiunicating the IP addresses of other key network 
services such as name servers, mailhosts, and gateways that are available. Once setup 
5 and enabled, this mechanism allows nodes to be added to ttie network without the 
intervention of a network administrator. 

Ease of installation and configuration is therefore achieved through the use of 
DHCP by the feet that most local networks are configured to allow network devices to 
be added without the intervention of an administrator using DHCP. In addition, most 

10 local networks allow web access through their firewall (e.g., gateway firewalls 30 and 
70). These two factors allow both the print job source 10 and the printer polling device 
100 to connect and communicate to the spooling server 50 without the intervention of a 
network administrator. The user simply plugs in the printer polling device 100 and it 
accesses the network and starts polling the spooling server 50. 

1 5 The invention may also be implemented using a virtual private network (VPN). A 

VPN is a mechanism that allows network nodes not directly connected to a local private 
network to behave as if they are locally connected to the network by forwarding the data 
packets through some type of public or intermediate network. For security, 
authentication of the node desiring to connect to the network is performed, as well as 

20 encryption of the contents of the forwarded packets. Various commercial products allow 
the setup and configuration of VPN's through various connectivity mechanisms such as 
dial-up ISP's, Cable Modems, and DSL on the client node end. The local network that 
is being connected to will require a router or router/firewall that implements the VPN 
protocol to allow the VPN connection. A VPN is made up of two components: L2TP 

25 (Layer 2 tunneling protocol) and IPSEC (Intemet Protocol Security). 

In a preferred embodiment, the printer polling device 100 is capable of 
communicating the status of the printer 120 to the spooling server 50. The printer status 
may comprise at least one of a printer ready indication, an on-line indication, toner level 
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information, paper supply information, error information, or other appropriate status 
information. 

A printer operator can be notified When the printer status indicates that the 
printer 120 requires attention. The operator can also be provided with vendor contact 
5 information to facilitate obtaining printer supplies or service. Automatic on-line 

ordering of printer supplies as required by printer status can be provided (e.g., by the 
spooling sever 50 contacting predetermined preferred vendors). 

The print job may include at least one of a document, a poster, an image, a 
coupon, a ticket, a certificate, a check, a list, a schedule, a periodical, a unit of currency, 
10 a negotiable instrument, postage, a bill of lading, a lottery or gaming ticket, a token, 
food stamps, a license, a permit, a pass, a passport, a ballot, a citation, identification, a 
copy-protection key, a proof-of-purchase, a warranty, a receipt, a transcript, a library 
card, or any other printable subject matter. 

As illustrated in Figure 6, the printer polling device 100 may periodically poll 
15 the spooling server 50. The interval of the polling can vary as desired and can be 

adjusted dynamically based upon such factors as traffic or requests for files. The polling 
request (query) 210 is preferably encrypted. Because the query 210 is directed to a 
specific spooling server 50, it is difficult for a third party to breach the system's 
security. The query 210 asks tiie spooling server 50 if it has a print job identified by the 
20 user (e.g., via a PIN or a job number). Once the spooling server 50 has received a 
request 210 firom the printer polling device 100 for a print job that is stored at the 
spooling servo* 50, the spooling server 50 waits for the next query 210 fibom the printer 
polling device 100. Then, instead of its normal answer to the query of "NACK" 
(negative acknowledge) 220, the spooling server 50 answers "ACK" (acknowledge) 230 
25 and transmits the print job to the destination printer 120. 

In an alternate embodiment as shown in Figure 11, an agent program 200 
provides a directory of documents 204 to the spooling server 50. The agent program 200 
enables a client device 12 associated with the print job source 10 to poll the spooling 
server 50 to determine whether the spooling server 50 requires a document 13 identified 
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in the directory 204 to complete a print job. If so, the document 13 can be uploaded 
from the client device 12 to the spooling server 50. The agent 200 enables a user at a 
printer 120 (or using any of the available interfaces to the spooling server 50) to initiate 
the printing of documents 13 that still reside on a client device 12 (such as the user's 
5 computer) even though the documents 13 have not been forwarded to the spooling 
server 50 as print jobs. 

The agent program 200 may be downloaded and installed on the client device 
12. The agent program 200 may be configured to make the contents of some or all of the 
directories 204 on the client device 12 available to the spooling server 50. Once installed 
10 and running, the agent program 200 initiates a connection to the spooling server 50 in 
the same way the printer polling device 100 does. The agent program may have a 
connection through a firewall, for example. 

The directory of documents 204 may include application files such as a 
Microsoft Word .doc file, for example, or files that have been made into a print job 
1 5 (Postscript or PDF file) by printing "to a file" from some application. 

The directory 204 can be communicated to the printer polling device 100 and 
presented at the printer polling device 100. Selection of a print job 11 from the directory 
can be made (e.g., via a user interface). 

For example, the spooling server 50 wiU list those documents 13 beiQg available 
20 from the agent program 200 whenever the user of that account is interacting with the 
printer polling device 100, or any other interface provided for communication to the 
spooling server 50 as described herein. 

For example, the agent program 200 may periodically poll the spooling server 50 
via polling interface 202. The interval of the polling can vary as desired and can be 
25 adjusted dynamically based upon such factors as traffic or requests for files. The 
commimications between the agent program 200 and the spooling server 50 occur 
substantially as described in coimection with Figxire 6 above. The polling request (query) 
206 is preferably encrypted. Because the query 206 is directed to a specific spooling 
server 50, it is difficult for a third party to breach the system's security. The query 206 
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asks the spooling server SO if it wants any files in the directory 204 (and may also update 
the directory 204). Once the spooling server 50 has received a request 207 from the printer 
polling device 100 for a document that is listed in the directory 204, the spooling server 
50 waits for the next query 206 from the agent program 200. Th^ instead of its normal 
5 answa- to the query of "NACK" (negative acknowledge), it answers "ACK" 
(acknowledge) followed by document information, such as the name of the document that 
is requested by request 207. 

The agent program 200, upon receiving an "ACK" and ttie request information 
207, opens the document 13 using the application it was created in and prints it to a 
temporary file 205 to create a print job 1 1 . This print job 1 1 is then transmitted to the 
spooling server 50 via transmitter 203. The spooling server 50 uses its normal 
mechanism to then transmit the print job 1 1 to the destination printer 120. 

Alternatively, the spooling server 50 may send an "ACK" followed by the name 
of a subdirectory. In that case, the agent program 200 returns the contents of that 
subdirectory. The spooling server 50 can then display those files to the user at the 
printer polling device 100 and allow one of the files to be selected, or allow additional 
navigation of directory 204 to take place. 

The directory 204 may be presented via a visual presentation or an audio 
presentation. The client device 12 may periodically poll the spooling server 50 to 
determine whether the spooling server 50 requires a docimient from the directory 204 to 
complete a print job. 

Communications with the spooling server 50 may be enabled via at least one of a 
telephone, a personal digital assistant device, a computer, an Internet appliance, a web 
browser, a dedicated terminal, or the like. The corrmiunications with the spooling server 
50 may be via an audio interface or a visual interface. 

A communication device for providing status of the print job stored on the 
spooling server 50 may be provided. The status of the print job may comprise at least one 
of filename, file size, author, creation date, print job lifetime, image, title, contents, 
personal identification number, recipient, job nxmiber, or reference mmiber. The 



wo 02/41133 PCTAJSOl/42759 

22 

communication device may be a telephone^ a computer, an Intemet appliance, a personal 
digital assistant device, a dedicated terminal, or any other suitable wireless or wired 
communication device. 

The print job source 10 may be one of a computer, a personal digital assistant 
5 device, an Intemet appliance, a telephone, a facsimile machine, a seamier, a dedicated 
terminal, or other suitable source. 

Hie printer polling device 100 may be capable of polling multiple spooling 

servers. 

The spooling server 50 may be enable of communicating with other servers and 
1 0 receiving a print job from at least one of the oQier servers. 

The print jobs submitted from the print job source 10 to the spooling server 50 
may be generated in a page description language known as Postscript. Alternate choices 
for a page description language are PDF, Latex, or ottier similar languages. The size of 
the paper, various printer capabilities, and printable area dimensions may be assumed 
1 5 from a lowest common denominator set of c^abilities common to most of the intended 
target printers. 

Once the destination printer 120 is known, the page description language data 
needs to be converted into a form that can be understood by that printer 120. This 
process is shown in Figure 7. Once the print job 1 1 is sent to the spooling server 50, a 

20 target printer 120 must be identified before the spooling server 50 can forward the print 
job 1 1 to be printed. Target printer identification 801 can be provided with the print job 
1 1 from the print job source 10 or can be provided by the printer polling device 100 as 
part of the polling query. The spooling server 50 retrieves printer specific information 
805 for the target printer 120 from a printer database 803. Based on the printer specific 

25 information 805 (such as data type, page dimensions, color capabilities, margins, and 

other print characteristics) the spooling server 50 will make printer specific adjustments 
810 to the print job 1 1 at the page description language level prior to rasterization. 

On printers that can accept Postscript (or the PDL of choice) directly, no 
modification is necessary. For other, simpler printers, a lower level bitmap form of the 
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page is required to be sent to the printer. In this case, the page description language needs 
to be rasterized into a bitm^ form. In addition, the bitmap data needs to be formatted into 
the form xmderstood by the printer 1 20. A raster image processor 815 determines the 
target printer type fiom the printer specific information 805 and selects an appropriate 
5 data format fbom available formats 820, 821, 822, 823. The raster image processor 815 
places the print job 1 1 into a printer specific data file 850 for delivery to the printer 
polling device 100 to be printed at the target printer 120. 

One common example of a data format used with simple printers is PCL (Printer 
Control Language), which is widely used in printers built by Hewlett Packard. Other 
10 printers built by Epson, for example use Epson's proprietary Epson-escape code 
sequences to format the bitmap data. 

Alternatively, reformatting of the print job may take place at the printer 120, at 
the printer polling device 100, or at any other suitable device. 

Figure 8 shows the components of an embodiment of a printer polling device 
15 100. As discussed above in cotmection with Figure 3, the printer polling device may 
optionally include a user interface 103 for enabling communications with the spooling 
server 50 (e.g., providing a PIN to the spooling server 50). A polling transmitter 105 is 
provided for transmitting polling requests to the spooling server 50 via the network 110 
to identify a print job stored at the spooling server 50 (as discussed in connection with 
20 Figures 1 and 4 above). A print job receiver 108 is provided for receiving the identified 
print job firom the spooling server 50 via the netwoik 110. Decryption 111 of an 
encrypted print job may optionally be provided for at the printer polling device 100. A 
printer interface 1 12 enables the printer polling device 100 to forward the print job to a 
printer 120 for printing. 
25 Figure 9 shows the components of an embodiment of a spooling server 50. A 

receiver 51 is provided which is capable of receiving print jobs firom the print job source 
10 and receiving polling requests firom the printer polling device 100. The receiver 51 
may comprise a print job receiver 58 for receiving the print job and a polling receiver 59 
for receiving the polling request. When a print job is received by the receiver 51, the 
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spooling server 50 stores the print job in memory 52, which may comprise random 
access memory (RAM), magnetic or optical storage media, or any other read/write 
memory device. As discussed herein, the print jobs may be stored in memory 52 
according to a PIN. Multiple print jobs may be stored under each PIN as shown at 53, 
5 54, and 55. When the spooling server 50 receives a polling request for a specific print 
job from the printer polling device 100 at the receiver 51, the spooling server 50 will 
determine whether the requested print job is stored in memory 52, and if so, forward the 
requested print job to the printer polUng device 100 via transmitter 57. A processor 56 
enables the spooUng server to search for, retrieve, and/or reformat the print job for 

10 delivery to the printer polling device 100. 

Figure 10 shows the components of an embodiment of a print driver 14. An 
interface 16 is provided for receiving a print job from a print job source 10. The print 
job source 10 is shovra in Figure 10 as a client device 12, but can be any suitable print 
job source as discussed herein. The interface 16 receives a printable document 13 from 

15 the cUent device 12. A transmitter 18 is provided for transmitting the print job 1 1 to the 
spooling server 50 via the network 1 10. The spooling server 50 receives polhng requests 
from the printer polling device 100 and forwards one or more identified print jobs to the 
printer polling device 100 in response to the polling requests. The print jobs can then be 
printed at a printer 120 associated vdth the printer polling device 100. As discussed in 

20 greater detail elsewhere herein, the printer polling device 100 does not have to identify 
specific print jobs to the spooling server 50. Instead, it can simply request a list of all 
print jobs (if any) currently stored at the spooling server 50 for that specific printer 
polUng device 100, or for a particular PIN number (or other identifier) entered via the 
printer polhng device 100 or other device. As discussed elsewhere herein, the list of 

25 print jobs may be accessed via various other devices capable of commxmicating with the 
spooling server 50. 

It will now be appreciated that the present invention provides improved methods 
and apparatus for forwarding print jobs over a communications network in a secure 
manner without the need to specify the print destination. Print jobs are forwarded to a 
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spooling server by a print driver. By using a printer polling device, the disadvantages of 
prior art push data flow techniques are overcome. Instead of having a remote device 
initiate contact with a print station behind a firewall, the present invention provides a 
printer polling device that polls a spooling server to determine if there are any 
5 documents to be printed by a printer associated with the printer polling device. 
Compatibility with all types of printers is also provided. 

Although the invention has been described in connection wifli preferred 
embodiments thereof, those skilled in the art will appreciate tibiat nimierous adaptations 
and modifications may be made thereto without departing from the spirit and scope of 
10 the invention, as set forth in the following claims. 



wo 02/41133 



PCTAJSOl/42759 



26 

What is claimed is: 

1. A method for communicating a print job over a network, comprising: 

providing a print driver, 

operably associating the print driver with a client device, said client device 
capable of generating a printable document and providing print requests to the print 
driver; and 

enabling said print driver to forward the print job to a spooling server via the 
network; wherein: 

said spooling server is enable of receiving and storing said print job 
from the print driver via the network; and 

said spooling server is capable of forwarding the print job to a printer in 
response to a polling request for said print job. 

2. A method for communicating a print job over a network, comprising: 

providing a print driver, 

operably associating the print driver with a client device, said client device 
capable of generating a printable document and providing print requests to the print 
driver; and 

enabling said print driver to forward the print job to a spooling server via the 
network; wherein: 

said print driver forwards said print job to said spooling server as web- 
style traffic. 

3. A method in accordance with claim 2, wherein: 

the print driver is located within a gateway firewall; 
the spooling server is located outside of said gateway 
firewall; and 
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the print driver forwards the print job to the 
spooling server such that reconfiguration of the gateway firewall is not required. 

4. A method for communicating a print job over a network, comprising: 

providing a print driver; 

operably associating the print driver with a client device, said client device 
capable of generating a printable document and providing print requests to the print 
driver; and 

enabling said print driver to forward the print job to a spooling server located via 
the network; 

providing a personal identification number (PIN) with each print job forwarded 
to the spooling server; and 

storing one or more print jobs at the spooling server according to the PIN. 

5. A print driver for communicating a print job over a network, comprising: 

an interface for receiving a print job from a client device, said client device 
capable of generating a printable document and providing print requests to the print 
driver, and 

a transmitter enabling said print driver to forward the print job to a spooling 
server via the network; wherein: 

said spooling server is capable of receiving and storing said print job 
from the print driver via the network; and 

said spooling server is capable of forwarding the print job to a printer in 
response to a polling request for said print job. 

6. A print driver for conomunicating a print job over a network, comprising: 
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an interface for receiving a print job from a client device, said client device 
capable of generating a printable document and providing print requests to the print 
driver, and 

a transmitter enabling said print driver to forward the print job to a spooling 
server via the network; wherein: 

said print driver forwards said print job to said spooling server as web- 
style trafiGc. 

7. A print driver in accordance with claim 6, wherein: 

the print driver is located within a gateway firewall; 

the spooling server is located outside of said gateway 
firewall; and 

the print driver forwards the print job to the 
spooling server such that reconfiguration of the gateway firewall is not required. 

8. A print driver for communicating a print job over a network, comprising: 

an interface for receiving a print job fi-om a client device, said client device 
capable of generating a printable document and providing print requests to the print 
driver, and 

a transmitter enabling said print driver to forward the print job to a spooUng 
server via the network; wherein: 

a personal identification number (PEN) is provided with each print job forwarded 
to the spooling server; and 

the one or more print jobs are stored at the spooling server according to the PIN. 
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